search

tmobile / pacbot

PacBot (Policy as Code Bot)
https://tmobile.github.io/pacbot/
Apache License 2.0
1.29k stars 276 forks source link

Installation issue #523

Open bhuvi11 opened 2 years ago

bhuvi11 commented 2 years ago

Hello @Akashbhaskaran,

I am getting below errors while installing PacBot

1)

  • null_resource.pacbot_app_ecr_APIDockerImageBuild: Error running command '/home/ubuntu/pacbot/installer/data/terraform/scripts_and_files/scripts/create_docker_image_and_push_to_ecr.py': exit status 1. Output: Traceback (most recent call last): File "/usr/local/lib/python3.8/dist-packages/docker/client.py", line 170, in _raise_for_status response.raise_for_status() File "/usr/lib/python3/dist-packages/requests/models.py", line 940, in raise_for_status raise HTTPError(http_error_msg, response=self) requests.exceptions.HTTPError: 404 Client Error: Not Found for url: http+docker://localunixsocket/v1.24/images/607019071572.dkr.ecr.us-east-1.amazonaws.com/pacbot-microservices?force=True&noprune=False

2)

Traceback (most recent call last): File "/home/ubuntu/pacbot/installer/data/terraform/scripts_and_files/scripts/create_docker_image_and_push_to_ecr.py", line 80, in build_and_push_docker_image(provider_json_file, ecr_repo, docker_file, docker_file_dir, log_file) File "/home/ubuntu/pacbot/installer/data/terraform/scripts_and_files/scripts/create_docker_image_and_push_to_ecr.py", line 35, in build_and_push_docker_image delete_docker_images_from_local(os.path.join(docker_file_dir, docker_file)) File "/home/ubuntu/pacbot/installer/data/terraform/scripts_and_files/scripts/create_docker_image_and_push_to_ecr.py", line 51, in delete_docker_images_from_local docker_client.remove_image(ecr_repo, force=True) File "/usr/local/lib/python3.8/dist-packages/docker/utils/decorators.py", line 21, in wrapped return f(self, resource_id, *args, **kwargs) File "/usr/local/lib/python3.8/dist-packages/docker/api/image.py", line 223, in remove_image self._raise_for_status(res) File "/usr/local/lib/python3.8/dist-packages/docker/client.py", line 173, in _raise_for_status raise errors.NotFound(e, response, explanation=explanation) docker.errors.NotFound: 404 Client Error: Not Found ("b'{"message":"No such image: 607019071572.dkr.ecr.us-east-1.amazonaws.com/pacbot-microservices:latest"}'")

3)

  • null_resource.pacbot_app_import_db_ImportDbSql: Error running command 'mysql -u pacbot --password=REMOVED -h pacbot-data.cbmoauu1vwy0.us-east-1.rds.amazonaws.com < /home/ubuntu/pacbot/installer/data/terraform/scripts_and_files/DB_With_Values.sql': exit status 1. Output: mysql: [Warning] Using a password on the command line interface can be insecure. ERROR 2026 (HY000): SSL connection error: error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol

4)

  • aws_iam_role_policy_attachment.iam_lambda_role_LambdaFullAccessPolicyAttach: 1 error occurred:

    • aws_iam_role_policy_attachment.iam_lambda_role_LambdaFullAccessPolicyAttach: Error attaching policy arn:aws:iam::aws:policy/AWSLambdaFullAccess to IAM Role pacbot_lambda_basic_execution: NoSuchEntity: Policy arn:aws:iam::aws:policy/AWSLambdaFullAccess does not exist or is not attachable. status code: 404, request id: 3a016082-c825-46a1-b0c5-d73acbb06539

    • aws_iam_role_policy_attachment.iam_ecs_role_ECSAWSLambdaFullAccessPolicyAttach: 1 error occurred:

    • aws_iam_role_policy_attachment.iam_ecs_role_ECSAWSLambdaFullAccessPolicyAttach: Error attaching policy arn:aws:iam::aws:policy/AWSLambdaFullAccess to IAM Role pacbot_ecs_role: NoSuchEntity: Policy arn:aws:iam::aws:policy/AWSLambdaFullAccess does not exist or is not attachable. status code: 404, request id: ce301db0-e99f-46e7-aa50-c29c2b6a7842

    • aws_iam_role_policy_attachment.iam_all_read_role_AllReadLambdaFullAccessPolicyAttach: 1 error occurred:

    • aws_iam_role_policy_attachment.iam_all_read_role_AllReadLambdaFullAccessPolicyAttach: Error attaching policy arn:aws:iam::aws:policy/AWSLambdaFullAccess to IAM Role pacbot: NoSuchEntity: Policy arn:aws:iam::aws:policy/AWSLambdaFullAccess does not exist or is not attachable. status code: 404, request id: ff10a7e2-fbc0-42af-aacc-4f0e99ea7a49

PLease help

Akashbhaskaran commented 2 years ago

Seems like the docker images did not get created . This usually happens when the machine does not have sufficient storage to create docker images or due to any build issue that occurs during the image creation . Please confirm that the machine has enough free space , also check the maven log and error log files generated by the installer to identify the build issues , if any.

bhuvi11 commented 2 years ago

Hello @Akashbhaskaran , I see the docker images in the ECR. Three docker images are created but I am not sure why it says image not found.

Akashbhaskaran commented 2 years ago

Yeah , 9 docker images are required . It says docker image not found while trying to push to ecr . So the remaining 6 did not get created in the machine. It's trying to push something to ecr which does not exist on your local.

bhuvi11 commented 2 years ago

Hello @Akashbhaskaran,

This is the only error i get. Traceback (most recent call last): File "/home/ec2-user/pacbot/installer/data/terraform/scripts_and_files/scripts/create_docker_image_and_push_to_ecr.py", line 80, in build_and_push_docker_image(provider_json_file, ecr_repo, docker_file, docker_file_dir, log_file) File "/home/ec2-user/pacbot/installer/data/terraform/scripts_and_files/scripts/create_docker_image_and_push_to_ecr.py", line 35, in build_and_push_docker_image delete_docker_images_from_local(os.path.join(docker_file_dir, docker_file)) File "/home/ec2-user/pacbot/installer/data/terraform/scripts_and_files/scripts/create_docker_image_and_push_to_ecr.py", line 51, in delete_docker_images_from_local docker_client.remove_image(ecr_repo, force=True) File "/usr/local/lib/python3.7/site-packages/docker/utils/decorators.py", line 21, in wrapped return f(self, resource_id, *args, **kwargs) File "/usr/local/lib/python3.7/site-packages/docker/api/image.py", line 223, in remove_image self._raise_for_status(res) File "/usr/local/lib/python3.7/site-packages/docker/client.py", line 173, in _raise_for_status raise errors.NotFound(e, response, explanation=explanation) docker.errors.NotFound: 404 Client Error: Not Found ("b'{"message":"No such image: 607019071572.dkr.ecr.us-east-1.amazonaws.com/pacbot-microservices:latest"}'")

It says image missing , but i see this image in ECR.

This is the maven log [INFO] --- maven-install-plugin:2.3.1:install (default-install) @ pacbot --- [INFO] Installing /home/ec2-user/pacbot/pom.xml to /root/.m2/repository/com/tmobile/pacbot/1.0.0-SNAPSHOT/pacbot-1.0.0-SNAPSHOT.pom [INFO] ------------------------------------------------------------------------ [INFO] Reactor Summary: [INFO] [INFO] api-commons ....................................... SUCCESS [8.843s] [INFO] commons ........................................... SUCCESS [5.498s] [INFO] PacMan Commons Projects ........................... SUCCESS [0.040s] [INFO] admin-service ..................................... SUCCESS [7.091s] [INFO] asset-service ..................................... SUCCESS [4.180s] [INFO] config ............................................ SUCCESS [0.558s] [INFO] compliance-service ................................ SUCCESS [5.138s] [INFO] notification-service .............................. SUCCESS [3.141s] [INFO] statistics-service ................................ SUCCESS [1.657s] [INFO] auth-service ...................................... SUCCESS [1.525s] [INFO] vulnerability-service ............................. SUCCESS [2.832s] [INFO] PacMan Api Projects ............................... SUCCESS [0.049s] [INFO] inventoryFetch .................................... SUCCESS [43.173s] [INFO] data-shipper ...................................... SUCCESS [4.146s] [INFO] awsrules .......................................... SUCCESS [26.877s] [INFO] pacman-rule-engine ................................ SUCCESS [20.925s] [INFO] pacman-cloud-notifications ........................ SUCCESS [10.973s] [INFO] recommendation-enricher ........................... SUCCESS [2.602s] [INFO] pacman-qualys-enricher ............................ SUCCESS [2.263s] [INFO] azure-discovery ................................... SUCCESS [2.453s] [INFO] PacMan Jobs Projects .............................. SUCCESS [0.010s] [INFO] PacBot UI ......................................... SUCCESS [1:34.286s] [INFO] PacMan ............................................ SUCCESS [0.004s] [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------ [INFO] Total time: 4:09.301s [INFO] Finished at: Mon Oct 18 09:45:46 UTC 2021 [INFO] Final Memory: 244M/871M [INFO] ------------------------------------------------------------------------

Akashbhaskaran commented 2 years ago

Does the local machine have sufficient free space for creating the remaining images ?

bhuvi11 commented 2 years ago

Currently, we are using an EC2 instance with 20GB storage.

emil-ep commented 2 years ago

@bhuvi11 I solved this issue by updating the dockerfile in installer/resources/pacbot_app/files/api_docker_ssl